/**
   * Validates a CAS ticket against the configured CAS server.
   *
   * <p>Reads the validation URL and the service identifier from configuration, builds a
   * {@code Cas20ProxyTicketValidator} for that URL and calls {@code validate(ticket,
   * validateService)}. The method returns nothing; it completes normally only when validation
   * does not throw.
   *
   * <p>NOTE(review): in the lines visible here {@code userId} is only written to the debug log
   * and is not compared with the principal returned by the CAS server. Confirm whether the
   * caller binds the validated principal to the expected user.
   *
   * @param ticket String, ticket to validate
   * @param userId String, user id
   * @throws SecurityException if validation fails; the underlying exception is attached as cause
   */
  public void validateTicket(String ticket, String userId) throws SecurityException {
    logger.debug("IN");
    ConfigSingleton config = ConfigSingleton.getInstance();
    String validateUrl = null;
    String validateService = null;
    // NOTE(review): the guard tests ConfigSingleton but the values are read from SingletonConfig.
    // When config is null, validateUrl and validateService stay null and are still handed to the
    // validator below - confirm that this is intended.
    if (config != null) {
      // only server side...
      validateUrl = SingletonConfig.getInstance().getConfigValue("CAS_SSO.VALIDATE-USER.URL");
      logger.debug("Read validateUrl=" + validateUrl);
      validateService =
          SingletonConfig.getInstance().getConfigValue("CAS_SSO.VALIDATE-USER.SERVICE");
      logger.debug("Read validateService=" + validateService);
    }
    logger.debug("userId:" + userId);
    try {
      AttributePrincipal principal = null;
      Cas20ProxyTicketValidator sv = new Cas20ProxyTicketValidator(validateUrl);
      // Accept-any-proxy is switched on, so no allow-list of proxy chains is configured on this
      // validator. NOTE(review): if only known proxies should be trusted, restrict the validator
      // to an explicit list of allowed proxy chains instead.
      sv.setAcceptAnyProxy(true);

      Assertion a = sv.validate(ticket, validateService);
      principal = a.getPrincipal();
      // NOTE(review): the next line is truncated in this listing - the end of the debug call and
      // the opening of the first catch clause are missing. It is kept exactly as found.
      logger.debug("Ticket is VALID, username="******"An exception occured while validating the cas token");
      throw new SecurityException("An exception occured while validating the cas token", e);
    } catch (Throwable e) {
      // Catch-all: every other failure is reported to the caller as a SecurityException, with the
      // original throwable kept as the cause.
      logger.error("An exception occured while validating the cas token");
      throw new SecurityException("An exception occured while validating the cas token", e);
    } finally {
      logger.debug("OUT");
    }
  }
Пример #2
  /**
   * Returns the CAS ticket validator for a company, building and caching it on first use.
   *
   * <p>A newly built validator is a {@code Cas20ProxyTicketValidator} created with the company's
   * CAS server URL. The server name, server URL and login URL are attached as custom parameters,
   * together with {@code redirectAfterValidation=false}. No accept-any-proxy flag or allowed
   * proxy chain is set on the validator in this method.
   *
   * <p>NOTE(review): the lookup and the later {@code put} on {@code _ticketValidators} are two
   * separate steps. If that map is shared between threads, two callers may each build a
   * validator and the last one stored wins - confirm that this is acceptable.
   *
   * @param companyId id of the company whose CAS settings are read
   * @return the cached validator, or the one just created and cached
   * @throws Exception declared by the signature; presumably propagated from the preference
   *     lookups
   */
  protected TicketValidator getTicketValidator(long companyId) throws Exception {
    final TicketValidator cached = _ticketValidators.get(companyId);

    if (cached == null) {
      // Collect the per-company CAS settings; each lookup falls back to the portal-wide default.
      final Map<String, String> customParameters = new HashMap<String, String>();

      final String casServerName =
          PrefsPropsUtil.getString(
              companyId, PropsKeys.CAS_SERVER_NAME, PropsValues.CAS_SERVER_NAME);
      customParameters.put("serverName", casServerName);

      final String casServerUrl =
          PrefsPropsUtil.getString(companyId, PropsKeys.CAS_SERVER_URL, PropsValues.CAS_SERVER_URL);
      customParameters.put("casServerUrlPrefix", casServerUrl);

      final String casLoginUrl =
          PrefsPropsUtil.getString(companyId, PropsKeys.CAS_LOGIN_URL, PropsValues.CAS_LOGIN_URL);
      customParameters.put("casServerLoginUrl", casLoginUrl);

      customParameters.put("redirectAfterValidation", "false");

      final Cas20ProxyTicketValidator created = new Cas20ProxyTicketValidator(casServerUrl);
      created.setCustomParameters(customParameters);

      // Remember the validator so later calls for this company reuse it.
      _ticketValidators.put(companyId, created);

      return created;
    }

    return cached;
  }
Пример #3
  /**
   * Validates a CAS ticket and stores the resulting principal as SSO credentials for the request.
   *
   * <p>The ticket is checked against {@code casServerUrl} for the configured {@code
   * casServiceUrl}. The service URL comes from this object's configuration; it is not rebuilt
   * from the server name, port or context path of the incoming request.
   *
   * @param httpRequest the current request, passed on to {@code saveSSOCredentials}
   * @param ticket the CAS ticket to validate
   * @throws Exception declared by the signature; anything thrown by validation is not caught here
   */
  public void validateTicket(HttpServletRequest httpRequest, String ticket) throws Exception {
    final Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(casServerUrl);
    // The renew flag is taken from this object's renewTicket setting.
    validator.setRenew(this.renewTicket);

    final Assertion validated = validator.validate(ticket, this.casServiceUrl);

    final String rule =
        "------------------------------------------------------------------------------------";
    log.debug(rule);
    log.debug("Service: " + this.casServiceUrl);
    // The principal name is read twice, as two separate accessor calls: once for the log line
    // and once for the stored credentials.
    log.debug("Principal: " + validated.getPrincipal().getName());
    log.debug(rule);

    final String principalName = validated.getPrincipal().getName();
    this.saveSSOCredentials(principalName, httpRequest);
  }
Пример #4
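 /**
  * Checks the client configuration, completes the CAS URLs and creates the ticket validator that
  * matches the configured CAS protocol.
  *
  * <p>Exactly one of {@code casLoginUrl} / {@code casPrefixUrl} may be left blank; the missing
  * one is derived from the other. A blank prefix (null, empty or whitespace only) is always
  * derived from the login URL, and a non-blank prefix is normalised to end with {@code "/"}.
  *
  * <p>For {@code CAS20_PROXY} the accept-any-proxy flag and the allowed proxy chains are taken
  * from this client's configuration as they are. Accepting any proxy trusts every proxy chain
  * the CAS server reports, so an explicit list of allowed chains is the narrower choice.
  *
  * <p>If {@code casProtocol} matches none of the handled values, {@code ticketValidator} is left
  * unchanged.
  *
  * @throws TechnicalException if both {@code casLoginUrl} and {@code casPrefixUrl} are blank
  */
 @Override
 protected void internalInit() {
   CommonHelper.assertNotBlank("callbackUrl", this.callbackUrl);
   CommonHelper.assertNotNull("logoutHandler", this.logoutHandler);
   if (CommonHelper.isBlank(this.casLoginUrl) && CommonHelper.isBlank(this.casPrefixUrl)) {
     throw new TechnicalException("casLoginUrl and casPrefixUrl cannot be both blank");
   }
   if (CommonHelper.isBlank(this.casPrefixUrl)) {
     // Only a trailing "/login" is the login endpoint. Anchoring the pattern keeps a host name
     // that itself starts with "login" (https://login.example.org/cas/login) intact, so the
     // validator keeps talking to the intended server.
     this.casPrefixUrl = this.casLoginUrl.replaceFirst("/login$", "/");
   } else {
     // The slash is appended only to a real prefix; a blank one must not turn into "/".
     if (!this.casPrefixUrl.endsWith("/")) {
       this.casPrefixUrl += "/";
     }
     if (CommonHelper.isBlank(this.casLoginUrl)) {
       this.casLoginUrl = this.casPrefixUrl + "login";
     }
   }
   if (this.casProtocol == CasProtocol.CAS10) {
     this.ticketValidator = new Cas10TicketValidator(this.casPrefixUrl);
   } else if (this.casProtocol == CasProtocol.CAS20) {
     final Cas20ServiceTicketValidator cas20ServiceTicketValidator =
         new Cas20ServiceTicketValidator(this.casPrefixUrl);
     this.ticketValidator = cas20ServiceTicketValidator;
     if (this.casProxyReceptor != null) {
       // With a proxy receptor configured, the validator is given its callback URL and its
       // proxy granting ticket storage.
       cas20ServiceTicketValidator.setProxyCallbackUrl(this.casProxyReceptor.getCallbackUrl());
       cas20ServiceTicketValidator.setProxyGrantingTicketStorage(
           this.casProxyReceptor.getProxyGrantingTicketStorage());
     }
   } else if (this.casProtocol == CasProtocol.CAS20_PROXY) {
     final Cas20ProxyTicketValidator cas20ProxyTicketValidator =
         new Cas20ProxyTicketValidator(this.casPrefixUrl);
     this.ticketValidator = cas20ProxyTicketValidator;
     // Proxy trust policy comes straight from the client's settings.
     cas20ProxyTicketValidator.setAcceptAnyProxy(this.acceptAnyProxy);
     cas20ProxyTicketValidator.setAllowedProxyChains(this.allowedProxyChains);
     if (this.casProxyReceptor != null) {
       cas20ProxyTicketValidator.setProxyCallbackUrl(this.casProxyReceptor.getCallbackUrl());
       cas20ProxyTicketValidator.setProxyGrantingTicketStorage(
           this.casProxyReceptor.getProxyGrantingTicketStorage());
     }
   } else if (this.casProtocol == CasProtocol.SAML) {
     this.ticketValidator = new Saml11TicketValidator(this.casPrefixUrl);
   }
 }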
Пример #5
 /**
  * Installs a {@code Cas20ProxyTicketValidator} for the CAS 2.0 proxy protocol.
  *
  * <p>The validator is created for {@code casPrefixUrl} and receives this client's encoding,
  * accept-any-proxy flag and allowed proxy chains unchanged. Accepting any proxy trusts every
  * proxy chain the CAS server reports, so an explicit list of allowed chains is the narrower
  * choice. When a proxy receptor is configured, its callback URL (computed for the given
  * context) and its proxy granting ticket storage are set as well.
  *
  * @param context the web context used to compute the final proxy callback URL
  */
 protected void initializeCas20ProxyProtocol(final WebContext context) {
   final Cas20ProxyTicketValidator proxyValidator =
       new Cas20ProxyTicketValidator(this.casPrefixUrl);
   // Publish the validator first, then configure it through the typed local reference.
   this.ticketValidator = proxyValidator;

   proxyValidator.setEncoding(this.encoding);
   proxyValidator.setAcceptAnyProxy(this.acceptAnyProxy);
   proxyValidator.setAllowedProxyChains(this.allowedProxyChains);

   if (this.casProxyReceptor == null) {
     // No proxy receptor: nothing more to set.
     return;
   }

   proxyValidator.setProxyCallbackUrl(this.casProxyReceptor.computeFinalCallbackUrl(context));
   proxyValidator.setProxyGrantingTicketStorage(
       this.casProxyReceptor.getProxyGrantingTicketStorage());
 }